Thank you, Roberto and Tom. That helps me understand shorewall better. In any event, having now tried those iptables commands--they didn't help in my case. When I do a "shorewall clear", does that actually leave the iptables/firewall wide open? Perhaps I have misunderstood, but I had thought that whenever shorewall "clears", that it replaces the previous iptables configuration that had existed before shorewall started. Is this not the case?
To answer your question, Paul, the link I referenced regarding this Ubuntu problem is not presenting my case. Those are his iptables output. Yes, I am still dealing with the same server; however, I have been forced to practice on an "offline" server, which, when upgraded to Ubuntu 8.04, exhibits the exact same behavior. The problem is that the PPPoE lines will not pass internet through to the LAN when they are in the route with 8.04, and a network restart will always show these errors: ppp0: ERROR while getting interface flags: No such device Plugin rp-pppoe.so loaded. ppp1: ERROR while getting interface flags: No such device Plugin rp-pppoe.so loaded. I've posted to the Ubuntu forums, but received no response. As it turns out, I've experienced these same problems now on two different machines, and with both 7.10 and 8.04 of Ubuntu. I have also gone through the current list of Ubuntu distributions, by trial and error, to find the ones that will support the load balancing, and only these last two actually do it properly. So, it seems to be a case of breaking one thing to fix another. I may have to go back to using hardware routers to interface the pppoe lines for the server. The problem with doing it that way is that the routers seem to have a hardware limit for the number of connections going through, and when I have tried this previously, there were times when the internet was clogged up. Additionally, I have had some issues with the double NAT. Of course, almost none of my problems are directly related to shorewall. I had thought the load balancing might be, but I'm learning that is a kernel issue. I have really appreciated having shorewall, and want to thank Tom and any others who have provided this tool. Thank you all. Erik. _________________________________________________________________ With Windows Live for mobile, your contacts travel with you. http://www.windowslive.com/mobile/overview.html?ocid=TXT_TAGLM_WL_Refresh_mobile_052008 ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
